# Login & Single Sign-on (SSO)
In this guide we will walk you through the steps to configure and setup your organization's SSO to let users log in with corporate credentials.
Single sign-on (SSO) is an authentication method that allows you to securely log in to multiple apps and sites using a single set of credentials. You can set up SSO to restrict which login methods users can use to access their Reo.Dev. If your team uses SSO authentication, you can set up SSO for Reo.Dev. We support IDP-initiated SSO through SAML and OAuth integrations and the following SSO providers are supported:
* Google
* Microsoft
* Microsoft EntraID
* Okta
If you’d prefer not to use the above methods - you can choose to login via password. If you choose this option - you can enter your login email and a link to set a password will be sent on your email. You can set the password and use it to log into Reo.Dev.
{% hint style="info" %}
Few things to note:
* By default - the password option is selected. If you’re logging in for the first time you need to set a password and then login to the platform. Once you’re logged in you can configure SSO login.
* Only users with ‘ADMIN’ role can configure SSO.
* Sign-in with Google and Microsoft is available on all plans. Sign in with SSO is available only on large and enterprise plans.
{% endhint %}
### **Configuring SSO on Reo.Dev**
**Step 1:** In the Configurations tab under the Settings section on the left, click on ‘**Configure**’ under the **Login & SSO card.**
**Step 2:** Select the SSO option
**Step 3:** Select the SSO provider from the drop-down menu
{% hint style="info" %}
Note: Microsoft Entra is available only on select plans. In case you don't see it in the drop-down menu, it's not included in your current plan.
{% endhint %}
To set up SSO, follow the steps of your provider:
* **Google**
* Select Google from the drop-down menu.
* Then, click on Save and Enforce
* **Microsoft**
* Select Microsoft from the drop-down menu.
* Then, click on Save and Enforce SSO
* **Microsoft Entra**
* Select Microsoft Entra from the SSO provider dropdown
* Configure Reo in your Identity Provider: Copy the Reo.Dev single sign on URL, Audience URL and sign-on URL (optional) to **create a custom app** in Microsoft Entra.
* Once you’ve created a custom app, **upload the federation metadata file.** Once you upload the file, the following fields from your IDP will be auto-filled in Reo**:**
* Identity Provider Issuer URL
* Identity Provider SSO URL
* X.509 Certificate
* Then, click on Save and Enforce
{% hint style="warning" %}
Note: Only XML format files are supported. \
In case you see a failure message please check if the XML file uploaded is accurate. If the issue still persists, please reach out to your account manager to resolve this at the earliest.
{% endhint %}
Note: To add a new user, an admin must send an invitation from. Settings → Users —> Invite teammates.
* **Okta**
* Select Okta from the SSO provider dropdown
* Configure Reo in your Identity Provider: Copy the Reo.Dev single sign on URL, Audience URL and sign-on URL (optional) to **create a custom app** in Okta
* Once you’ve created a custom app, **upload the federation metadata file.** To get the XML Metadata file from Okta, follow these steps in Okta.
* Login to your Okta Dashboard and **head to the Admin console** (Ensure you have admin access)
* Navigate to **Applications > Applications**
* **Select the custom app** you created for Reo
* Head to the **Sign-on tab**
* In the SAML set-up section, click on **‘View SAML setup instructions’**
* Copy the IDP Metadata code and download it in the XML format
* **Upload the federation metadata file on Reo.** Once you upload the file, **the following fields from your IDP will be auto-filled in Reo:**
* Identity Provider Issuer URL
* Identity Provider SSO URL
* X.509 Certificate
* Then, click on **Save and Enforce**
{% hint style="warning" %}
Note: Only XML format files are supported. \
In case you see a failure message please check if the XML file uploaded is accurate. If the issue still persists, please reach out to your account manager to resolve this at the earliest.
{% endhint %}
